A access control where the credentials cannot be used

This preview shows page 343 - 345 out of 369 pages.

A.Access control where the credentials cannot be used except when the associated badge is in the facilityB.Access control where system administrators may limit which users can access their systemsC.Access control where employee's access permissions is based on the job titleD.Access control system where badges are only issued to cleared personnelCorrect Answer:AExplanationExplanation/Reference:QUESTION 730A security architect is designing an enterprise solution for the sales force of a corporation which handles sensitive customer data. The solution must allow users towork from remote offices and support traveling users. Which of the following is the MOST appropriate control for the architect to focus onto ensure confidentialityof data stored on laptops?A.Full-disk encryptionB.Digital signC.Federated identity management
D.Cable locksCorrect Answer:AExplanationExplanation/Reference:QUESTION 731A security administrator needs a method to ensure that only employees can get onto the internal network when plugging into a network switch. Which of thefollowing BEST meets that requirement?A. NACB. UTMC. DMZD. VPNCorrect Answer:AExplanationExplanation/Reference:QUESTION 732Having adequate lighting on the outside of a building is an example of which of the following security controls?A. DeterrentB. CompensatingC. DetectiveD. PreventativeCorrect Answer:AExplanationExplanation/Reference:QUESTION 733During a recent audit, it was discovered that several user accounts belonging to former employees were still active and had valid VPN permissions. Which of thefollowing would help reduce the amount of risk the organization incurs in this situation in the future?A.Time-of-day restrictionsB.User access reviewsC.Group-based privilegesD.Change management policiesCorrect Answer:BExplanationExplanation/Reference:QUESTION 734An organization is working with a cloud services provider to transition critical business applications to a hybrid cloud environment. The organization retainssensitive customer data and wants to ensure the provider has sufficient administrative and logical controls in place to protect its data. In which of the followingdocuments would this concern MOST likely be addressed?A.Service level agreementB.Interconnection security agreementC.Non-disclosure agreementD.Business process analysisCorrect Answer:AExplanationExplanation/Reference:QUESTION 735A security administrator wants to implement a company-wide policy to empower data owners to manage and enforce access control rules on various resources.Which of the following should be implemented?A.Mandatory access controlB.Discretionary access controlC.Role based access controlD.Rule-based access controlCorrect Answer:CExplanationExplanation/Reference:QUESTION 736Which of the following BEST describes an attack where communications between two parties are intercepted and forwarded to each party with neither party beingaware of the interception and potential modification to the communications?

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 369 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Spring
Professor
Emegbe
Tags
Management, IP address, security administrator

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture